Whitelist syscalls for 32-bit x86 Linux

Should probably filter the args to this for the sake of proper
sandboxing.

src/sandbox/seccomp.cpp

@@ -117,7 +117,9 @@ static sock_filter filter[] = {
 
     // networking
     ALLOW_SYSCALL(poll),
+#ifdef __NR_accept
     ALLOW_SYSCALL(accept),
+#endif
     ALLOW_SYSCALL(setsockopt),
     ALLOW_SYSCALL(sendto),
     ALLOW_SYSCALL(recvfrom),
@@ -131,6 +133,11 @@ static sock_filter filter[] = {
 #endif
     ALLOW_SYSCALL(rt_sigreturn),
 
+    // i386
+#ifdef __NR_socketcall
+    ALLOW_SYSCALL(socketcall),
+#endif
+
     // Raspberry Pi (ARM)
 #ifdef __NR_set_robust_list
     ALLOW_SYSCALL(set_robust_list),